<?php
/**
 * Copyright 2011  SURFfoundation
 * 
 * This file is part of ESCAPE.
 * 
 * ESCAPE is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 * 
 * ESCAPE is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with ESCAPE.  If not, see <http://www.gnu.org/licenses/>.
 * 
 * For more information:
 * http://escapesurf.wordpress.com/
 * http://www.surffoundation.nl/
 * 
 * Contact: d.vierkant@utwente.nl
 * 
 * @license http://www.gnu.org/licenses/gpl.html GNU GPLv3
 */
?>
<?php
/**
 * Upload
 * 
 * Upload an attachment.
 */
class escape_repositoryui_action_Upload extends escape_repositoryui_Action
{
	public function handleRequest()
	{
		/* @var $repository escape_repository_Repository */
		$repository =& $this->requestAttributes['repository'];
		/* @var $repositoryUi escape_repositoryui_RepositoryUi */
		$repositoryUi =& $this->requestAttributes['repositoryUi'];

		// check if upload is enabled
		if(!$repository->config['upload_enabled'])
		{
			// openid is disabled
			$repositoryUi->displayErrorPage('Upload is disabled.');
			return null;
		}
		
		// fetch the ID from the request
		$objectId = $_REQUEST['actionValue'];
		$objectUri = $repository->convertDataObjectIdToObjectUri($objectId);
		
		// fetch the object and related aggregation
		try {
			$oreObject = $repository->getOreObjectByUri($objectUri);
			$this->requestAttributes['oreObject'] =& $oreObject;
		}
		catch(Exception $exception)
		{
			$repositoryUi->displayErrorPage($exception->getMessage());
			return null;
		}
		$aggregation = $oreObject->getAggregation();
		$this->requestAttributes['aggregation'] =& $aggregation;
		
	
		// add a breadcrumb for this object
		// link it to the show page instead of the editor 
		$breadCrumb = new escape_repositoryui_BreadCrumb();
		$breadCrumb->setTitle($oreObject->getTitle());
		$breadCrumb->setUrl('/show/' . $oreObject->getId());
		$repositoryUi->addBreadCrumb($breadCrumb);
		
		// check user authorization
		$user = $repositoryUi->getUser();
		$userIsAuthorized = false;
		if($user)
		{
			$userUri = $user->getUri();
			$userIsAdministrator = $user->hasSystemRole(escape_repository_User::$role_administrator);
			if($userIsAdministrator || $aggregation->hasEditor($userUri) || $aggregation->hasOwner($userUri))
			{
				$userIsAuthorized = true;
			}
		}
		
		if(!$userIsAuthorized)
		{
			// user is not authorized to edit this resource, redirect to login page
			$repositoryUi->redirectToLoginForAction($this->requestAttributes['actionName'], $objectId);
			return null;
		}
	
		// check if the user wants to delete the attachment
		if(isset($_POST['verb']))
		{
			if($_POST['verb'] == 'delete')
			{
				$oreObject->deleteAttachment();
	
				// redirect to the edit page for this object
				$url = "/edit/" . rawurlencode($oreObject->getId());
				if($repositoryUi->isGadgetMode())
				{
					$url .= '?gadget=1';
				}
				header("Location: " . $url);
				return null;
			}
		}
	
		// check if the user is uploading a new attachment
		if(isset($_FILES['file']))
		{
			$file = $_FILES['file'];
			
			//escape_printr_pre($_FILES);
			if($file['error'] == 0)
			{
				$fileName = basename($file['name']);
				$fileTmpName = $file['tmp_name'];
				$fileType = $file['type'];
				
				// store the attachment in fedora
				$oreObject->saveAttachmentByReference($fileTmpName, $fileType, $fileName);
				
				// redirect to the edit page for this object
				$url = "/edit/" . rawurlencode($oreObject->getId());
				if($repositoryUi->isGadgetMode())
				{
					$url .= '?gadget=1';
				}
				header("Location: " . $url);
				return null;
			}
		}
		
		return 'UploadForm';
	}
}